Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zohocorp manageengine assetexplorer 6.5 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2019-19034
Zoho ManageEngine Asset Explorer 6.5 does not validate the System Center Configuration Manager (SCCM) database username when dynamically generating a command to schedule scans for SCCM. This allows an malicious user to execute arbitrary commands on the AssetExplorer Server with N...
Zohocorp Manageengine Assetexplorer 6.5
4.3
CVSSv2
CVE-2019-12537
An issue exists in Zoho ManageEngine AssetExplorer. There is XSS via the SearchN.do search field.
Zohocorp Manageengine Assetexplorer 6.5
4.3
CVSSv2
CVE-2019-12595
An issue exists in Zoho ManageEngine AssetExplorer. There is XSS via the RCSettings.do rdsName parameter.
Zohocorp Manageengine Assetexplorer 6.5
4.3
CVSSv2
CVE-2019-12597
An issue exists in Zoho ManageEngine AssetExplorer. There is XSS via ResourcesAttachments.jsp with the parameter pageName.
Zohocorp Manageengine Assetexplorer 6.5
4.3
CVSSv2
CVE-2019-12596
An issue exists in Zoho ManageEngine AssetExplorer. There is XSS via SoftwareListView.do with the parameter swType or swComplianceType.
Zohocorp Manageengine Assetexplorer 6.5
4.9
CVSSv2
CVE-2020-8838
An issue exists in Zoho ManageEngine AssetExplorer 6.5. During an upgrade of the Windows agent, it does not validate the source and binary downloaded. This allows an attacker on an adjacent network to execute code with NT AUTHORITY/SYSTEM privileges on the agent machines by provi...
Zohocorp Manageengine Assetexplorer 6.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started